Код:
// AVZ cleanup script written for one specific host: every path, user-profile name,
// service name and CLSID below is specific to that machine.
// NOTE(review): do not reuse on another computer; the list has to be rebuilt from that machine's own logs.
// Order of work: take the host off the network, copy suspect files to quarantine,
// remove driver services, delete files / autorun values / scheduled-task files,
// then hand over to the BC_* boot-time cleanup calls and reboot.
begin
// Message text (Russian): "Attention! Before the script runs, AVZ will automatically close all
// network connections. After the computer restarts, network connections will be restored automatically."
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
// Runs "net.exe stop tcpip /y" so the host is offline while the cleanup runs (/y answers the dependent-services prompt).
// NOTE(review): the trailing arguments presumably mean hidden window (0), 15000 ms wait, terminate on timeout (true) - confirm against the AVZ script reference.
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
// The rootkit search and AVZGuard are enabled only when IsWOW64 is false.
// NOTE(review): presumably because these driver-based features are not available to AVZ on 64-bit Windows - confirm.
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
// Quarantine pass: QuarantineFile is called for each suspect file before the matching DeleteFile further down,
// so a sample remains available for analysis. The second argument (description) is left empty.
QuarantineFile('C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe','');
QuarantineFile('C:\Program Files\Microsoft Data\nsi.exe','');
QuarantineFile('C:\Users\4880~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\Полина\AppData\Local\12438\a25014.exe','');
// Removes the Browser Helper Object registered under this CLSID.
DelBHO('{51420F88-4D4A-4042-9509-8D4E1307910E}');
QuarantineFile('C:\Program Files\XTRM Group\MySafeProxy\Bin\MySafeProxy32.dll','');
// The "exe.*.bat" names below are browser executable names written backwards
// (exe.xoferif = firefox.exe, exe.emorhc = chrome.exe, exe.resworb = browser.exe).
// NOTE(review): presumably launcher scripts substituted for the real browsers - confirm from the quarantined copies.
QuarantineFile('C:\iexplore.bat','');
QuarantineFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.xoferif.bat','');
QuarantineFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.resworbefas.bat','');
QuarantineFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.resworb.bat','');
QuarantineFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.resworb-mooronik.bat','');
QuarantineFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.emorhc.bat','');
QuarantineFile('C:\Users\Полина\AppData\Local\storegid\storegidup.exe','');
QuarantineFile('C:\Users\Полина\AppData\Local\storegid\storegid.exe','');
QuarantineFile('C:\Users\Полина\AppData\Local\Microsoft\Extensions\safebrowser.exe','');
QuarantineFile('C:\Users\Полина\AppData\Local\ConvertAd\ConvertAd.exe','');
QuarantineFile('C:\Users\4880~1\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat','');
QuarantineFile('C:\ProgramData\Kbrowser utility\kbrowser-updater-utility.exe','');
QuarantineFile('C:\Program Files\Kinoroom Browser\kinoroom-browser.exe','');
// Eight kernel drivers named "{GUID}Gw.sys" in system32\drivers: each is quarantined, its service entry
// ("{GUID}Gw") is deleted, and the .sys file is deleted afterwards.
QuarantineFile('C:\windows\system32\drivers\{e7ea42ad-4fa4-4fce-a37a-c42931f721e3}Gw.sys','');
QuarantineFile('C:\windows\system32\drivers\{d844ac65-f5bb-442d-922f-0cfb5ccefb0c}Gw.sys','');
QuarantineFile('C:\windows\system32\drivers\{c06d4fbe-280b-4167-ade0-b7e3d262b0b1}Gw.sys','');
QuarantineFile('C:\windows\system32\drivers\{820a714f-c526-4777-8e87-e9d6612e0938}Gw.sys','');
QuarantineFile('C:\windows\system32\drivers\{748ea00c-6f7f-4fc0-becf-f6ebec59eb8f}Gw.sys','');
QuarantineFile('C:\windows\system32\drivers\{2fb2b93a-d824-4963-962b-e98da201096d}Gw.sys','');
DeleteService('{e7ea42ad-4fa4-4fce-a37a-c42931f721e3}Gw');
DeleteService('{d844ac65-f5bb-442d-922f-0cfb5ccefb0c}Gw');
DeleteService('{c06d4fbe-280b-4167-ade0-b7e3d262b0b1}Gw');
DeleteService('{820a714f-c526-4777-8e87-e9d6612e0938}Gw');
DeleteService('{748ea00c-6f7f-4fc0-becf-f6ebec59eb8f}Gw');
DeleteService('{2fb2b93a-d824-4963-962b-e98da201096d}Gw');
// For {150ca330-...} the service entry is deleted before the file is quarantined; the file itself is deleted only later.
DeleteService('{150ca330-afd5-4527-99bc-b3ce918cea60}Gw');
QuarantineFile('C:\windows\system32\drivers\{150ca330-afd5-4527-99bc-b3ce918cea60}Gw.sys','');
QuarantineFile('C:\windows\system32\drivers\{128614e8-07dd-4e11-b9ec-ca2c14f812c5}Gw.sys','');
DeleteService('{128614e8-07dd-4e11-b9ec-ca2c14f812c5}Gw');
// Deletion pass. NOTE(review): the second argument '32' presumably selects the 32-bit file-system view - confirm against the AVZ script reference.
DeleteFile('C:\windows\system32\drivers\{128614e8-07dd-4e11-b9ec-ca2c14f812c5}Gw.sys','32');
DeleteFile('C:\windows\system32\drivers\{150ca330-afd5-4527-99bc-b3ce918cea60}Gw.sys','32');
DeleteFile('C:\windows\system32\drivers\{2fb2b93a-d824-4963-962b-e98da201096d}Gw.sys','32');
DeleteFile('C:\windows\system32\drivers\{748ea00c-6f7f-4fc0-becf-f6ebec59eb8f}Gw.sys','32');
DeleteFile('C:\windows\system32\drivers\{820a714f-c526-4777-8e87-e9d6612e0938}Gw.sys','32');
DeleteFile('C:\windows\system32\drivers\{c06d4fbe-280b-4167-ade0-b7e3d262b0b1}Gw.sys','32');
DeleteFile('C:\windows\system32\drivers\{d844ac65-f5bb-442d-922f-0cfb5ccefb0c}Gw.sys','32');
DeleteFile('C:\windows\system32\drivers\{e7ea42ad-4fa4-4fce-a37a-c42931f721e3}Gw.sys','32');
DeleteFile('C:\Program Files\Kinoroom Browser\kinoroom-browser.exe','32');
DeleteFile('C:\ProgramData\Kbrowser utility\kbrowser-updater-utility.exe','32');
DeleteFile('C:\Users\4880~1\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat','32');
// Autorun persistence: RegKeyParamDel removes the named value from the Run / RunOnce key, not the key itself.
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','DigitalSites');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','amigo');
// The three Amigo executables are deleted without a QuarantineFile call in this script, so no copy of them is kept.
DeleteFile('C:\Users\Полина\AppData\Local\Amigo\Application\amigo.exe','32');
DeleteFile('C:\Users\Полина\AppData\Local\Amigo\Application\ok.exe','32');
DeleteFile('C:\Users\Полина\AppData\Local\Amigo\Application\vk.exe','32');
DeleteFile('C:\Users\Полина\AppData\Local\ConvertAd\ConvertAd.exe','32');
// The ConvertAd autorun value is machine-wide (HKEY_LOCAL_MACHINE); the other autorun values removed here are per-user.
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','ConvertAd');
DeleteFile('C:\Users\Полина\AppData\Local\Microsoft\Extensions\safebrowser.exe','32');
DeleteFile('C:\Users\Полина\AppData\Local\storegid\storegid.exe','32');
DeleteFile('C:\Users\Полина\AppData\Local\storegid\storegidup.exe','32');
DeleteFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.emorhc.bat','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','storegidUpdater');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','storegid');
DeleteFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.resworb-mooronik.bat','32');
DeleteFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.resworb.bat','32');
DeleteFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.resworbefas.bat','32');
DeleteFile('C:\Users\Полина\AppData\Roaming\Browsers\exe.xoferif.bat','32');
DeleteFile('C:\iexplore.bat','32');
DeleteFile('C:\Program Files\XTRM Group\MySafeProxy\Bin\MySafeProxy32.dll','32');
DeleteFile('C:\Users\Полина\AppData\Local\12438\a25014.exe','32');
// Scheduled-task persistence: task files under windows\Tasks (.job) and windows\system32\Tasks are deleted directly.
// None of these task files is quarantined by this script.
DeleteFile('C:\windows\Tasks\AmiUpdXp.job','32');
DeleteFile('C:\windows\Tasks\Digital Sites.job','32');
DeleteFile('C:\Users\4880~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\windows\system32\Tasks\AmiUpdXp','32');
DeleteFile('C:\Program Files\Microsoft Data\nsi.exe','32');
DeleteFile('C:\windows\system32\Tasks\chrome5','32');
DeleteFile('C:\windows\system32\Tasks\chrome5_logon','32');
DeleteFile('C:\windows\system32\Tasks\Digital Sites','32');
DeleteFile('C:\windows\system32\Tasks\kbrowser-updater-utility','32');
DeleteFile('C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe','32');
DeleteFile('C:\windows\system32\Tasks\Reimage Reminder','32');
DeleteFile('C:\windows\system32\Tasks\Safebrowser','32');
// Final stage. NOTE(review): presumably BC_ImportAll passes the files handled above to AVZ's Boot Cleaner,
// ExecuteSysClean removes leftover references to deleted files, and BC_Activate arms the Boot Cleaner
// for the next start so that locked files are removed at boot - confirm against the AVZ script reference.
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
// Restarts Windows; the network stopped at the top of the script stays down until this reboot.
// NOTE(review): the false argument presumably requests a normal rather than forced restart - confirm.
RebootWindows(false);
end.
Компьютер перезагрузится.